2876 matches found
EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-1890)
According to the versions of the openssl110h packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce...
Pwning a Siemens Scalance ICS switch through ARM reversing
We’ve been working in industrial control systems security for a long time. Several of the team here used to work in OT control rooms or support SCADA environments. Whilst pen testing a ship control system, we noticed a heavy reliance on Siemens Scalance industrial ethernet switches, so bought a...
kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service
The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or have an unspecified othe...
USN-4083-1 openjdk-lts vulnerabilities
It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. CVE-2019-2762 It was discovered that in some...
OpenJDK: Non-constant time comparison in ChaCha20Cipher (Security, 8221344)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
OpenJDK: Non-constant time comparison in ChaCha20Cipher (Security, 8221344)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
EulerOS 2.0 SP2 : gnutls (EulerOS-SA-2019-1743)
According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A cache-based side channel attack was found in the way GnuTLS implements CBC-mode cipher suites. An attacker could use a combination of 'Just in...
EulerOS Virtualization for ARM 64 3.0.2.0 : gnutls (EulerOS-SA-2019-1693)
According to the version of the gnutls packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A cache-based side channel attack was found in the way GnuTLS implements CBC-mode cipher suites. An attacker could use a...
Code injection
On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact to...
CVE-2019-6629
CVE-2019-6629 affects F5 BIG-IP 14.1.0 (14.1.0 to 14.1.0.5) where undisclosed SSL traffic to a virtual server with a Client SSL profile using session tickets and DHE cipher suites can cause the Traffic Management Microkernel (TMM) to fail and restart. The impact is limited to the data plane; the ...
CVE-2019-6629
On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact to...
EulerOS 2.0 SP5 : gnutls (EulerOS-SA-2019-1676)
According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A cache-based side channel attack was found in the way GnuTLS implements CBC-mode cipher suites. An attacker could use a combination of 'Just in...
SSL/TLS Forward Secrecy Cipher Suites Not Supported
The remote host use at least one SSL/TLS ciphers that does not offer forward secrecy FS also known as perfect forward secrecy PFS. It's a feature that provides assurances the session keys will not be compromised even if the server's private key is compromised. No source data...
qpid-proton: TLS Man in the Middle Vulnerability
A cryptographic weakness was discovered in qpid-proton's use of TLS. If the qpid-proton client was used without client certificates, it would accept an anonymous cipher offered by the server. A man-in-the-middle attacker could use this to silently intercept traffic that should have been encrypted...
IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Websphere Application Server Network Deployment Untrusted Data Deserialization Remote Code Execution', 'Description' = % This module exploits...
OpenSSL 1.1.1 < 1.1.1c Vulnerability
The version of OpenSSL installed on the remote host is prior to 1.1.1c. It is, therefore, affected by a vulnerability as referenced in the 1.1.1c advisory. - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce...
Security Bulletin: IBM API Connect V5 is potentially impacted by a weak cipher (CVE-2019-4256)
Summary API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-4256 DESCRIPTION: IBM API Connect uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base Score: 5.9 CVSS Temporal Score:...
Moderate: Red Hat Security Advisory: Red Hat Quay 3.0.2 security and bug fix update
An update is now available for Red Hat Quay 3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
OpenVPN < 2.3.15 Weak Cryptographic Cipher Vulnerability (Windows)
According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to 2.3.15. It is, therefore, affected by a weak cryptographic cipher vulnerability. OpenVPN's default cipher, BF-CBC, is vulnerable to plaintext recovery when enough cipher text has...
Billions of Malicious Bots Attacks Take to Cipher-Stunting to Hide
When it comes to cyberattacks, adversaries are focusing not just on advanced malware development, but also on increasing the sophistication of their evasion techniques. This is playing out lately in the form of ballooning instances of “cipher stunting” – a TLS tampering technique that helps...